Consumer IT Increasingly Used in the Workplace

Consumer IT Increasingly Used in the Kiwi Workplace; Creates Security, Liability and Support Risks – Research from Unisys

Disconnect between how and what technology employers think is being used vs. what employees are actually using

New research sponsored by Unisys and conducted by International Data Corp. (IDC) shows consumer technology, such as smart phones, netbooks and social networking sites are being used increasingly in the New Zealand workplace. This “consumerisation of IT” is impacting how employees perform their jobs, how they collaborate, how technology is selected and purchased, and how organisations communicate with their employees, customers, suppliers and partners. The research also reveals surprising gaps in readiness by IT organisations to manage, support, secure and ultimately capitalise on the rapidly growing use of consumer technologies in the workplace.

The Consumerisation of IT research shows that the vast majority of New Zealand employees (96 percent) use at least one self-purchased technology device in the course of their work. It found that iPhones and PDAs are more often purchased personally by the employee, whereas Blackberry smartphones are more often paid for by the employer.

About 44 percent of employers allow access to corporate applications via a smartphone, lower than the corresponding global result (48 percent).

Disconnect Between Employees and Employers
The research found that there is a disconnect between what technology employers think is being used in the office and what employees are actually using. For example 83 percent of employees say they use VoIP whereas organisations estimated only 48 percent of their employers used it. Similarly only 13 percent of employees say they use a PC camera while organisations estimated 25 percent of employees use one.

The study also found there is a similar gap between employers and employees regarding what personal activities organisations allow at work:
• 53 percent of employees say they are allowed to attach personal devices to the network, but only 45 percent of employers say they can
• 52 percent of employees say they are allowed to store personal data on the network, but only 41 percent of employers say they can
• 34 percent of employees say they are allowed to download non-work related video files, but only 23 percent of employers say they can
• 37 percent of employees say they are allowed to download non-work related audio files, but only 25 percent of employers say they can.

“The danger is that if organisations are not aware of what technology is being used in their workplace or how their IT infrastructure is being used, they may not have in place adequate security measures – both technology and policies – and this can put their corporate data and employees’ privacy at risk,” explained Brett Hodgson, Managing Director, Unisys New Zealand.

Social Networking used for Business Activity
Employers expect a growth in the use of social networking sites at work. For example, 35 percent expect to use Twitter to conduct business activities in twelve months from now, compared to 30 percent using Twitter currently, but they also expect a concurrent fall in internet browsing from 95 percent to 71 percent.

Yet, 34 percent of New Zealand employers reported that they do not have social media guidelines for social media use in the workplace. That figure is lower than the global proportion of 40 percent.

The survey found that overall social networking in business is most commonly used for employee communications, customer communications and employee recruitment.

Interestingly, both employers and employees are closely aligned in rating New Zealand organisations as providing medium levels of IT support of social networking channels such as company blogs, company Twitter accounts and social networks. This differs from the global figure, where employees did not rank the level of IT organisation support provided for social networking as high as employers did.

Nick Abrahams, partner and head of Sydney office for international law firm, Norton Rose said: "More organisations are seeking legal advice to develop social networking policies for proprietary or private social networking systems that they use to communicate with customers or vendors. But equally they need to manage the use of consumer grade social networking sites such as Twitter and Facebook as they have impact and reach internally and externally. Internally they must be considered within the context of employee relations - so that social networking is not used as a tool for bullying or harassment or to invade an employee's privacy. Externally, what is said on company Twitter, blog and Facebook sites, and by whom, must also be carefully managed to not only to protect company information and the desired positioning of a company's brand, but also because litigators now recognise the value of information on social networking sites."

Choosing and Buying Consumer IT for Work
An emerging global trend related to the consumerisation of IT is “Bring Your Own Technology” (BYOT) schemes – where employees can choose their preferred technology, either unrestricted or to meet minimum specified requirements, which they either purchase with their own funds or for which the employer provides a digital allowance or stipend. However, in New Zealand most employers (85 percent) choose and purchase IT equipment for their employees (compared to nearly 70 percent globally) and only 12 percent of New Zealand organisations say they are likely to implement a digital allowance or stipend programme in the next two years (compared to about 30 percent globally).

“Currently, not many New Zealand organisations are planning to introduce BYOT anytime soon. Employers understand that while employee owned or purchasing models bring greater freedom of choice to employees, they bring with them new issues for the organisation in terms of the ability to manage or search corporate data on the device, ensure adequate security measures are in place, and decide who is responsible for maintenance and insurance. To avoid misunderstanding or ambiguity, employers should state up-front in clear business policies their security requirements and expected access, and identify who has responsibility for insurance and IT support, for any technology used on the corporate network or to support the employer’s business activity,” Mr Hodgson advised.


Risks – and the Action Employers Need to Take
While the consumerisation of IT provides employees with greater flexibility around the technology they use at work and offers employers improved productivity, it can also create new risks around security, liability and employee IT support.

New Zealand organisations report that they are slightly more security-conscious than the global average when it comes to changing passwords, single sign-on and the publishing of official social media guidelines, but are less security conscious about employee training, using complex passwords, performing automatic backups, automatic virus updates and accessing enterprise applications via smart phones. Overall, less than half (46 percent) of New Zealand organisations rate the security of infrastructure across all devices, applications and information systems as very secure, compared to 73 percent globally.

In addition, as the range of devices and applications used in the workplace expands, employers are faced with the decision as to what extent they will provide IT support. According to the study, New Zealand organisations expect they will need to increase help desk support in the next 12 months for iPhone and Blackberry smart phones, but decrease support for MAC and PC laptops. Interestingly, they expected to provide more support for MAC and PC desktop computers. As employees become more mobile with the use of consumer technologies, organisations also need to consider how they can provide more remote support and IT assistance for employees outside the office.

“Managing these risks requires more than a technology solution for protection of endpoints and the network infrastructure. Employers also need to address the human behaviour side of the issue via employee education about the risks and enforced policies to prevent them. And any such policies need to cover employee-owned devices, online applications and social networking sites used for work activity. According to the Consumerisation of IT research, IT policy is typically set by the IT department, CIO or CEO. However, given the nature of the risk, HR and legal departments need to be involved too,” Mr Hodgson said.

Perceived benefits of Consumerisation of IT
The Consumerisation of IT research found that both employers and employees see benefit in allowing consumer technology in the workplace. Employers cited productivity gains as the top business benefit. The study found that the trend may even impact which organisation people choose to work for. Many employees said that the ability to access specific consumer technology in a job is critical when evaluating an employment opportunity, citing that they would not accept a job offer without fast internet access (29 percent) or web-based corporate email (13 percent).

ENDS

© Scoop Media